On Mar 26, 2014, at 11:41 PM, chaij <jin.c...@indigoarc.com> wrote: > I got this exception on the Camel CXF endpoint SOAP service side when try to > add action "Signature" to the WSS4J interceptor. > A search on the web gives me this link: > http://stackoverflow.com/questions/21492255/cxf-client-ws-security-mtom-trouble > > By disabling MTOM, it did resolve the problem. Is this a known issue? MTOM > can't work together with Security?
Yes. At this point with CXF, MTOM and WS-Security won’t work “compatibly” together. It should work OK if it’s CXF on both sides of the wire, but keep in mind the attachments wouldn’t actually be signed or encrypted. There’s a thread on the CXF list from last week talking a little about it: http://cxf.547215.n5.nabble.com/Signed-encrypted-MTOM-tt5741665.html Dan > > Thanks! > > org.apache.cxf.binding.soap.SoapFault: The signature or decryption was > invalid > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:788)[162:org.apache.cxf.cxf-rt-ws-security:2.7.7] > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:336)[162:org.apache.cxf.cxf-rt-ws-security:2.7.7] > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:95)[162:org.apache.cxf.cxf-rt-ws-security:2.7.7] > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)[122:org.apache.cxf.cxf-api:2.7.7] > at > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)[122:org.apache.cxf.cxf-api:2.7.7] > at > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:355)[144:org.apache.cxf.cxf-rt-transports-http-jetty:2.7.7] > at > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:319)[144:org.apache.cxf.cxf-rt-transports-http-jetty:2.7.7] > at > org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)[144:org.apache.cxf.cxf-rt-transports-http-jetty:2.7.7] > at > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1040)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:976)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.server.Server.handle(Server.java:363)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:483)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:931)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:992)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:856)[60:org.eclipse.jetty.http:7.6.8.v20121106] > at > org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)[60:org.eclipse.jetty.http:7.6.8.v20121106] > at > org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[64:org.eclipse.jetty.server:7.6.8.v20121106] > at > org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628)[59:org.eclipse.jetty.io:7.6.8.v20121106] > at > org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)[59:org.eclipse.jetty.io:7.6.8.v20121106] > at > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[58:org.eclipse.jetty.util:7.6.8.v20121106] > at > org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[58:org.eclipse.jetty.util:7.6.8.v20121106] > at java.lang.Thread.run(Thread.java:662)[:1.6.0_29] > Caused by: org.apache.ws.security.WSSecurityException: The signature or > decryption was invalid > at > org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:451)[159:org.apache.ws.security.wss4j:1.6.12] > at > org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:231)[159:org.apache.ws.security.wss4j:1.6.12] > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)[159:org.apache.ws.security.wss4j:1.6.12] > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:279)[162:org.apache.cxf.cxf-rt-ws-security:2.7.7] > ... 23 more > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/WSS4JInInterceptor-The-signature-or-decryption-was-invalid-tp5749409.html > Sent from the Camel - Users mailing list archive at Nabble.com. -- Daniel Kulp dk...@apache.org - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
